XTreme Posted March 20, 2021 Share Posted March 20, 2021 I've noticed over the past few days that we've had a lot more IP addresses visiting the site than normal. And I mean hundreds more showing in "Who's Online". After I did some traces it appears they all come from your-server.de. This is the standard default reverse-DNS entry for servers rented from Hetzner, so that domain name isn't anything to do with the scraping. Basically, It's the person renting that server that we need to identify. There's just too many IP's to blacklist and they're across too many different IP ranges to pin them down. And even if I blocked them (which would be a long job) they'd probably just switch to different IP's. I can't block all hetzner servers either cos I'd be blocking legitimate traffic as well. The numbers at present don't cause any problem other than wasting our bandwidth, but it's something that I'll need to monitor because I don't want it escalating into something like a DDoS attack. If you didn't understand any of that, let me summarise: Somebody has an unusual interest in this site. And when this sort of thing happens their intentions are never good. @Tym.......time to Lock'n'Load! 1 Link to comment Share on other sites More sharing options...
Buckster Posted March 20, 2021 Share Posted March 20, 2021 IP can be spoofed anyway, you can block ping backs and even partition ip blocks if you choose, this would mitigate a ddos attack. Link to comment Share on other sites More sharing options...
Tym Posted March 20, 2021 Share Posted March 20, 2021 What makemodelyear of car do they drive? 1 Link to comment Share on other sites More sharing options...
XTreme Posted March 20, 2021 Author Share Posted March 20, 2021 Just now, Buckster said: IP can be spoofed anyway, you can block ping backs and even partition ip blocks if you choose, this would mitigate a ddos attack. Definitely all Hetzner.......their cheap and nasty services attract a certain kind of user. If they were specific blocks it would be easy enough......but they're not. I have processes in place to mitigate if it becomes a problem but we're a long way from that. Link to comment Share on other sites More sharing options...
Pedro Posted March 20, 2021 Share Posted March 20, 2021 Should we create a background resistance network? 4 Link to comment Share on other sites More sharing options...
XTreme Posted March 20, 2021 Author Share Posted March 20, 2021 I've made a few adjustments and removed our unwanted guests! 1 1 Link to comment Share on other sites More sharing options...
boboneleg Posted March 20, 2021 Share Posted March 20, 2021 2 hours ago, Pedro said: Should we create a background resistance network? 4 Link to comment Share on other sites More sharing options...
MooN Posted March 20, 2021 Share Posted March 20, 2021 I'm with Tym on this one, but only cos I didn't undsrstand a fucking word of what Pete or Buck said. 1 5 Link to comment Share on other sites More sharing options...
skyrider Posted March 20, 2021 Share Posted March 20, 2021 11 hours ago, XTreme said: I've noticed over the past few days that we've had a lot more IP addresses visiting the site than normal. And I mean hundreds more showing in "Who's Online". After I did some traces it appears they all come from your-server.de. This is the standard default reverse-DNS entry for servers rented from Hetzner, so that domain name isn't anything to do with the scraping. Basically, It's the person renting that server that we need to identify. There's just too many IP's to blacklist and they're across too many different IP ranges to pin them down. And even if I blocked them (which would be a long job) they'd probably just switch to different IP's. I can't block all hetzner servers either cos I'd be blocking legitimate traffic as well. The numbers at present don't cause any problem other than wasting our bandwidth, but it's something that I'll need to monitor because I don't want it escalating into something like a DDoS attack. If you didn't understand any of that, let me summarise: Somebody has an unusual interest in this site. And when this sort of thing happens their intentions are never good. @Tym.......time to Lock'n'Load! be on your guard people Link to comment Share on other sites More sharing options...
skyrider Posted March 20, 2021 Share Posted March 20, 2021 1 hour ago, MooN said: I'm with Tym on this one, but only cos I didn't undsrstand a fucking word of what Pete or Buck said. it's computer speak Link to comment Share on other sites More sharing options...
Grasshopper Posted March 20, 2021 Share Posted March 20, 2021 . I've got this....... 1 2 Link to comment Share on other sites More sharing options...
DesmoDog Posted March 21, 2021 Share Posted March 21, 2021 Have you tried turning it off and back on again? 1 2 Link to comment Share on other sites More sharing options...
Tym Posted March 21, 2021 Share Posted March 21, 2021 Take the battery out, and put it back in? Link to comment Share on other sites More sharing options...
Six30 Posted March 21, 2021 Share Posted March 21, 2021 @XTreme only just seen this , good work last thing we need is a DDoS attack, did you block with a 22 RRTG rogue PP ? would recommend doing a Sargnet 587 run on our system as well , just to be on the safe side you need any help let me know. 1 Link to comment Share on other sites More sharing options...
XTreme Posted March 21, 2021 Author Share Posted March 21, 2021 4 minutes ago, Six30 said: @XTreme only just seen this , good work last thing we need is a DDoS attack, did you block with a 22 RRTG rogue PP ? would recommend doing a Sargnet 587 run on our system as well , just to be on the safe side you need any help let me know. I knew I could count on you to have my back Six! I'll get on the Sargnet 587 straight away.....that'll sort these annoying cunts out! 1 Link to comment Share on other sites More sharing options...
Tym Posted March 21, 2021 Share Posted March 21, 2021 My codes for consideration are P90, +P+ and .45 acp. 1 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now